I guess Microsoft might be such an offender if you happen to use Bing search. But since people only do that on TV, we're comparatively safe. Google Analytics is, as you say, a useful tool for webmasters, but for the casual user there's very little impact if you simply block it via hosts file or adblock, other than having to manually type the URL for top-ranked listings into your location bar every now and then.

Are you saying that GA is tracking users between sites and that data is being used to inform the advertising?

I was under the impression that GA was simply used by webmasters to track their own usage only, which doesn't seem entirely unreasonable. But if the same data is being further exploited then that would be an issue.

Are you saying that GA is tracking users between sites and that data is being used to inform the advertising?

Of course it is. To think otherwise is naive at best. Google's sole business model is to provide services in exchange for targeted advertising. They aren't going to give away the GA service for free any more than they give anything else away for free.

I have had GA blocked in NoScript for a long time. I don't know if it has any real effect, of course. Maybe I'll check out the topic of this/. article just to see if it has any effect. I also blocked doubleclick.net permanently a long time ago after one too many pop-ups. I don't block everything either with NoScript or AdBlock, just those that are offensive, obtrusive and/or creepy. I feel that letting them show me ads is part of the bargain.

Or RequestPolicy [mozilla.org] which is an easy-to-use plugin that shows you the sites the site you're currently browsing wants to contact. Once you've whitelisted the domains that are really part of the site (eg slashdot.com might have a few elements from slashdot.org) then you can leave the rest safely blocked. And unless you ever visit statcounter.com or similar, they'll never get to see your cookies.

Although I appreciate the intent, I am finding RequestPolicy a little difficult to deal with. How do you whitelist things that are "really" part of a site? Some places have 50+ items to wade through. Most sites have pieces that are invisible unless you allow everything. Push on a button and there is a warning that an email from Autoweek is sending you to an Autoweek site. Why is this a concern? You can't tell the bad actors by looking at site redirect names.

Then use Adblock Plus, NoScript, header spoof and allow session-only cookies from specific sites only. Apart from IP profiling, there is not much mainstream techniques one of said sites can use for tracking.

Much more efficient to use a local dns cache.I use tinydns/dnscachex locally, Apart from doing lookups for my domain, it relays everything to opendns except for domains or subdomains that are nosy bastards.

And you can always layer on a host file if necessary. But doing a *.doubleclick.net is much more efficient.

I wanted to do that, and had a bear of a time trying to get my server to handle things correctly INSIDE my NAT while also resolving things correctly OUTSIDE the NAT. Eventually I gave up and have foo*.dyndns.org.:(

dnscachex can specify servers for arbitrary domains. If you want some stuff to be internal only and don't want to mess about with replication, just run a 2nd DNS server on a specified local interface (maybe an alias), and point dnscachex at that for that domain.

Or of course, you could just put your local records in your DNS, and not worry about it.

Perhaps on Linux this is a simpler task and works well for you. Windows (at least XP), on the other hand, takes forever to parse that file. I had to disable that mechanism to block websites, because it was messing with the whole networking behavior.

Spybot uses this mechanism to block malware-sites, and I had at some point to disable it for that reason too.

Permit Cookies is very useful (need to disable extension checking and it works with FF5) in limiting tracking while still providing a usable web experience. It turns all cookies into session cookies that are gone when you close the browser and has a shortcut to override for sites that you do want to allow permanent cookies to be set. When I restart my browser I am a new person. For complete protection I also use NoScript, Ghostery and Better Privacy.

Firefox has this option a standard feature. Go to Tools(Edit) -> Options(Preferences) and go to the Privacy Tab. Select "Use Custom Settings For History". You can choose to delete cookies as soon as the browser is closed, making all cookies into session cookies. You can then use the exceptions button to configure sites that you want to allow to store cookies for longer.

Seriously - how is this legal? People can't wiretap me without a warrant, they can't look into the windows of my house, and they can't read my (paper) mail. I don't accept a EULA for web sites and no one owns the internet. Why isn't this hacking?

I don't accept a EULA for web sites and no one owns the internet. Why isn't this hacking?

If you look at the bottom of sites, they generally have terms and conditions which you are following by using the website. Its not akin to someone looking into your house, its akin to the cashier person looking at your purchases at the supermarket and next time offering you something you might like. You're using their website/advertising service and they're seeing what works.

I really have no objection to websiteX tracking my movements through websiteX.

I don't see why I should have to submit to Google tracking my movements through websiteX, websiteY, websiteZ, and half a million other sites though.

The closest thing we have right now to this in the real world is VISA. But they only track your purchases, not everywhere you go. And it is pretty easy to simply not pay for everything with VISA and avoid being tracked.

I listened to a keynote speech by a futurist at the 2001 O'Reilly Open Source Conference in Monterey California. He was talking about how existing technology would be used. Among other things, when you went to the mall face recognition systems (along with other stuff like wi-fi and bluetooth snooping) would attempt to figure out who you are. You would have HW that tries to prevent that by jamming or other means. Then as you walk down the entry hall, floating holographs would appear in front of you with

A majority of sites that I go to (especially news sites) do not work correctly unless both cookies and javascript (at least _their_ javascript, plus maybe Google API, if not a bunch of third party javascript). And the pool of sources for that stuff that is required to make things work is expanding at a high rate. So one can not just block all cookies all the time. So one has to allow or disallow on a site-by-site basis. Installing the extensions (NoScript, Adblock, et al) is the easy part. After that i

Geeknet uses web beacons from time to time. Such web beacons may be provided by Geeknet’s third party advertising companies to help manage and optimize Geeknet’s online advertising. To opt out of targeted advertising delivered by Network Advertising Initiative members, click here: http://www.networkadvertising.org/consumer/opt_out.asp [networkadvertising.org]... "

How is what legal? Offering to send you a cookie and then sending it when you request it? The Web sites didn't configure your browser to silently accept and pass on cookies. No site can store or read back anything from your computer without active cooperation from your browser, which is entirely under your control.

Others have mentioned various add ons which can be used to prevent tracking. Personally I use the Firefox addons Cookie Monster, and NoScript.

Cookie Monster has a number of options, including the one I use which is deny all cookies by default. I then enable for the few sites that I visit regularly that require cookies. You can also temporarily websites to set cookies, and that permission is revoked when you next start Firefix.

NoScript is used in a similar way. I block all JavaScript by default. I then enabl

I delete all my cookies except a few every time I close my browser. That works in Chrome, Safari and Firefox now. In chrome I press a button to remove the cookies it would delete if I exited right now. I checked the advertising sites and they don't know me. Google knows me for as long as I keep my browser window open. Facebook doesn't follow me around on the web either. I use the Vanilla plugin for chrome.
Hope that's good enough.

to build on this, disabling 3rd party cookies, clearing the cache on browser close, and checking the new but not fully implemented do not track checkbox in firefox are all great ways to prevent tracking.

I tried that. I forbade AdBrite, Facebook, Google Syndication and many other scripts, yet when I checked Occlusion's graph and my cookies, cookies of those blocked sites existed. After installing Ghostery most of them [cookies] weren't created and Occlusion didn't register them.